China Behind Another Hack as US Cybersecurity Issues Mount (nbcnews.com) 63
China is behind a newly discovered series of hacks against key targets in the U.S. government, private companies and the country's critical infrastructure, cybersecurity firm Mandiant said Wednesday. From a report: The hack works by breaking into Pulse Secure, a program that businesses often use to let workers remotely connect to their offices. The company announced Tuesday how users can check to see if they were affected but said the software update to prevent the risk to users won't go out until May. The campaign is the third distinct and severe cyberespionage operation against the U.S. made public in recent months, stressing an already strained cybersecurity workforce.
The U.S. government accused Russia in January of hacking nine government agencies via SolarWinds, a Texas software company widely used by American businesses and government agencies. In March, Microsoft blamed China for starting a free-for-all where scores of different hackers broke into organizations around the world through the Microsoft Exchange email program. In all three campaigns, the hackers first used those programs to hack into victims' computer networks, then created backdoors to spy on them for months, if not longer. The U.S. Cybersecurity and Infrastructure Security Agency, or CISA, said in a warning Tuesday evening the latest hacking campaign is currently "affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations."
The U.S. government accused Russia in January of hacking nine government agencies via SolarWinds, a Texas software company widely used by American businesses and government agencies. In March, Microsoft blamed China for starting a free-for-all where scores of different hackers broke into organizations around the world through the Microsoft Exchange email program. In all three campaigns, the hackers first used those programs to hack into victims' computer networks, then created backdoors to spy on them for months, if not longer. The U.S. Cybersecurity and Infrastructure Security Agency, or CISA, said in a warning Tuesday evening the latest hacking campaign is currently "affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations."
Re: China is superior to america (Score:3)
Why are there over 400,000 Chinese students studying at US universities? Why would they come to study someplace inferior? We still dominate inventing, technology, and the sciences .. computing, VR, social media, dna editing, vaccines, reusable rockets, autonomous driving .. who conceptualized and invented those technologies? Does China have a decent CAD program? How about CPU design software or manufacturing technology. GTFO out of here man. Why couldnâ(TM)t they even figure out how to make a ballpoint
Re: (Score:1)
Haha, you're saying that the Chinese, who can't make a ballpoint pen nib, can indoctrinate and organize 400,000 kids to perform advanced spying operations?
Re: (Score:2)
Haha, you're saying that the Chinese, who can't make a ballpoint pen nib, can indoctrinate and organize 400,000 kids to perform advanced spying operations?
Quantity has a quality all of its own.
No need to be all that advanced.
Would be a good haystack for the needles that are actually advanced too.
Re: (Score:2)
China pushing communism? LOL!
Re: (Score:1)
Why are there over 400,000 Chinese students studying at US universities?
For a lot of them it so they can have less homework.
American Universities are just easier.
Re: (Score:2)
Why are there over 400,000 Chinese students studying at US universities?
Compared to Chinese Universities, American ones are like *party schools. They are much more fun. Where would you go if you had the choice?
Probably a lot of it is also the reason people buy Apple products. To show all the people around you that you can afford it.
*the other kind of party school Not this one [wikipedia.org]
Re: (Score:2)
time for war war.
Don't be bloody stupid, that is never going to happen, because
A: The American ruling class make a lot of money out of China. Both by exploiting their low-cost labour and by selling to their huge internal market,
B: America can't win a war against China and smarter people than you are well aware of that.
Re: (Score:2)
cyber arms treaty or GTFO (Score:5, Insightful)
The only way out of this mess is put the brakes on the cyber arms race. Treat attacks on civilian targets and infrastructure as terrorism. And severely restrict what operations are allowed. A military approach will only lead to an arms race of offense and defense, with the peaceful civilians a casualty of war.
The current regime of China is unlikely to agree to any terms from the US. They have internal goals that don't align with the peaceful existence of the rest of the world. And the US is unlikely to withdraw from cyber warfare unless they can get everyone else to stop first.
Re: cyber arms treaty or GTFO (Score:3)
Rewrite it in Rust imo.
Re: (Score:2)
including threat analysis in your development process during the rewrite would help too.
Re:cyber arms treaty or GTFO (Score:4, Insightful)
Treat attacks on civilian targets and infrastructure as terrorism.
No! when its a nation state actor its not terrorism its an act of war! Treat it like the act of war that it is. Counter attack!
I don't see any reason at all said counter attack has to be "Cyber." Its time we did the sensible thing and have the state department close our embassies in China, and tell Americans citizens to come home, and tell American business to remove their assets from Chinese territories. We need to get our hands unties so we can go to war effectively if necessary - and if this stuff does not stop that should be considered necessary.
Re: (Score:2)
Yeah, well, in all the hysteria, make sure you get the right guy. This shit is too easy to fake, and a lot of innocents will suffer for all this war mongering.
Re: (Score:2)
...and tell American business to remove their assets from Chinese territories.
What happened to capitalism?
The US company I work for (for instance) makes something like $2 billion every year from their Chinese assets. Why would they give that up?
Re: (Score:2)
Re:cyber arms treaty or GTFO (Score:4, Insightful)
The only way out of this mess is put the brakes on the cyber arms race. Treat attacks on civilian targets and infrastructure as terrorism. And severely restrict what operations are allowed. A military approach will only lead to an arms race of offense and defense, with the peaceful civilians a casualty of war.
The current regime of China is unlikely to agree to any terms from the US. They have internal goals that don't align with the peaceful existence of the rest of the world. And the US is unlikely to withdraw from cyber warfare unless they can get everyone else to stop first.
Not sure what you are advocation for exactly. These are state-sponsored groups. U.S anti-terrorism laws would be completely ineffective against unknown individuals in China protected by the CCP.
Re: (Score:3)
Terrorism is the systematic use of violence, threat of violence, fear, or intimidation against primarily a civilian population for a political goal. There is no special exception for state sponsored activity. There are international laws that define some stated sponsored activities as war crimes, but that's not mutually exclusive and it still meets a colloquial definition of terrorism if not also a legal one.
Not all cyber warfare is terrorism. So I would not necessarily want to restrict the discussion purel
Re: (Score:2)
Re: (Score:2)
Re:cyber arms treaty or GTFO (Score:5, Informative)
Example:
Treaty controlling turnover of Hong Kong.
https://www.msn.com/en-us/news... [msn.com]
The UNCLOS, which they ignored, which was arbitrated and the result has been ignored by the CCP.
https://globalnation.inquirer.... [inquirer.net]
Five border treaties between India and China.
https://www.businessinsider.in... [businessinsider.in]
Re:cyber arms treaty or GTFO (Score:5, Interesting)
1. The barrier to entry is minimal. A large crime gang has no issues gaining access to resources which would require a nation state if this was nukes, chemical or biological warfare.
2. 99% of the "attributions" have no merit in fact. They are utter shit. They are not fit to be presented in a discussion based in law. They are attributed to a particular actor solely on the basis of political convenience of the day.
3. A normal weapon when deployed is expended. You cannot capture it, rearm it and lob it at somebody else. Not an issue with cyberwarfare and happens on a daily basis. That makes point 2 even more pertinent - even if you have identified the weapon correctly what is your rationale to declare that this Cyber-AK47 is Russian or Cyber-AR15 is American. They can be captured and reused.
4... 5... 6...
The real answer is re-engineering the whole thing with security in mind (and that implies surrendering any anonymity) from the ground up. Nothing else will work.
Re: (Score:3)
The way out of this is:
1. Stop turing Linux into windows
2. Stop using anything close to Microsoft Windows
3. Take back control of your servers from the cloud providers
Re: (Score:3)
Industrialized nations definitely need to think of private computer networks as key infrastructure and a national security issue. Letting banks and power plants get hacked pretty much every day is downright irresponsible. Too bad the average citizen doesn't realize there is anything wrong until their bank account is empty or the lights go out.
Re: (Score:3)
This will be really unpopular but the real fix is -
Real actual answer. - Great Firewall of the US. With ingress controls that super strict and absolutely no encryption over the boarder; except via registered site-to-site vpns with defined use and penalties like no more vpn for you for organizations that are found to be violating those use agreements. Corporate VPNs would be fine and the like but not if they then allow egress for example.
That pretty much make all the international hacking detectable. We hav
Re: (Score:1)
We are way past that. I would suspect the military contractors, they hire people who want to kill for shits and giggles, they do not care who dies in their employ or who they kill. A lot of this is very organised very military and you have contractors who employ thousands, their only morality greed, I would suspect all of them hiring hackers and using them for insider trading hacks and contracting the information back to the vulture capitalists and having done so for quite some time. With servers in Russia
Not a fan of these hackers (Score:1)
Glad it didn't affect me THIS time, but something really needs to be done. It is hard as hell to block new attacks like this. I can see the US government going after them, but they just have less to lose. Or DO they. Their biggest issue is being exposed by bad press, like crimes against their own people. Time to start pulling all that dirty laundry out in the open maybe.
Re: (Score:2)
Ya, security researchers would never think of that. Maybe you could tell them, I'm sure they'd listen to you.
Re: (Score:2)
Wow (Score:2)
I know it was two whole days ago, but...
https://it.slashdot.org/story/... [slashdot.org]
Re: (Score:3, Insightful)
That's the truth, compare the headline to what the company actually said: [fireeye.com]
"We are in the early stages of gathering evidence and making attribution assessments and there are a number of gaps in our understanding...We have also uncovered limited evidence to suggest that UNC2630 operates on behalf of the Chinese government. Analysis is still ongoing"
There is a huge difference between the headlines and the actual evidence. The headlines are not justified.
Re: (Score:1)
Of course they aren't, but the war mongers have clout. With Afghanistan winding down, they need something else to attack and keep the stress levels up domestically. They don't want to see any challenges to their narrative either, judging by the mod bombing.
Re: (Score:2)
I don't get it.. (Score:4, Interesting)
Where is the NSA? (Score:2)
These government agencies and companies and software so large that they are effectively US assets by the ubiquity they are used that they should have some input and forethought into exposing and correcting some of these vulnerabilities. It's clear these private companies cannot or will not put in the ffort to secure their products against state actors.
Maybe I am wrong but doesn't the security of these government agencies fall somewhat under the purview of the NSA's responsibilities? If not them then some
Re:Where is the NSA? (Score:5, Insightful)
The NSA isn't America's security company. In fact, there is not U.S. government security agency charged with securing U.S. Gov. assets. That's part of the problem, each agency is left to fend for itself.
Funny.. (Score:4, Insightful)
Re: (Score:1)
Oh? And you have been getting the secret memos? Do tell.
Microsoft Blames China for Its Insecure Software (Score:5, Insightful)
Yes, these are bad guys doing bad things. But you know what? They could not do it if Microsoft hadn’t left the holes in their Exchange program for the bad guys to get in through.
It’s not like they don’t know there are bad guys out there, and it’s not like they know there are holes in their program, but they just can’t be bothered to close the barn doors until after the horses have run off. Now they want to be treated like heroes for fixing the problem they created? At least a big part of the blame for this should fall on Microsoft.
Fuck China (Score:1)
If only the world had the collective will to tell them with a single voice to play nice or we'll just drop all of their traffic into the bit bucket.
Re: (Score:3)
It's almost like (Score:1)
...we need to stop pussyfooting around pretending that the Chinese are interested in peaceful coexistence.
They fully believe that they have the power of history, and that the corrupt and decadent West is bound to collapse before the inevitability of the Middle Kingdom.
Let's be clear, the Chinese Communists WORKED WITH the Japanese in ww2 - to Chinese, this is literally comparable to Jews cheerfully working with Nazis - because they saw it as the best way they could get rid of Chiang Kai Shek and the KMT.
Unt
Re: (Score:3)
Re: (Score:2)
Last time I checked, Ford Motor Company didn't end up the government in charge of the United States, either.
False equivalence.
Can we pause to just note.. (Score:2)
That two pieces of software that are expressly used ostensibly by companies to 'improve' the security turned into huge gaping backdoors?
I just like to raise this point as enterprises go to deploy probably more gaping backdoors from various companies in response to these incidents, thinking they are deploying things to help them get their security in order. Companies with a reputable brand and golf-playing salespeople, but not particularly great developers...